<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type"> <title></title> </head> <body bgcolor="#ffffff" text="#000000"> I've been trying for a couple of days to produce a self signed certificate for Dovecot. (I never had any problem with UW-imap) Using the provided mkcert.sh, I found the following problems: 1. The SSLDIR variable was incorrect. Got the error message - /etc/ssl/certs directory doesn't exist /etc/ssl/private directory doesn't exist. I changed this to point to /usr/share/ssl 2. When I ran again ran the script, it complained: /usr/share/ssl/certs/imapd.pem already exists, won't overwrite. Why imapd.pem, when there is a dovecot.pem file? 3. I commented out the checks in the script file that look for existing dovecot.pem files. It ran further this time. I got: Generating a 1024 bit RSA private key .......................................++++++ .........++++++ writing new private key to '/usr/share/ssl/private/imapd.pem' ----- subject= /OU=IMAP POP <a class="moz-txt-link-abbreviated" href="mailto:server/CN=server.aeran.info/emailAddress=admin@aeran.info">server/CN=server.aeran.info/emailAddress=admin@aeran.info</a> MD5 Fingerprint=4A:6C:7C:9F:E7:BD:38:04:3F:81:1D:69:DE:17:9B:DA Note it wrote 'imapd.pem' not 'dovecot.pem' as I would have expected. It didn't write dovecot.pem into /usr/share/ssl/certs Dovecot won't start if the .pem files are not correct. You get: Jun 23 21:39:39 server imap-login: Can't load private key file /usr/share/ssl/private/dovecot.pem: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch What is going on here?? Why two certificates? Should they be imapd.pem or dovecot.pem? I've done a lot of googling, and looking in the dovecot lists, trying to find an answer. No luck. Could someone please look into this? </body> </html>